package org.example.config;

import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.context.annotation.Bean;
import org.springframework.context.annotation.Configuration;
import org.springframework.security.config.annotation.authentication.builders.AuthenticationManagerBuilder;
import org.springframework.security.config.annotation.authentication.configuration.EnableGlobalAuthentication;
import org.springframework.security.config.annotation.method.configuration.EnableGlobalMethodSecurity;
import org.springframework.security.config.annotation.web.builders.HttpSecurity;
import org.springframework.security.config.annotation.web.builders.WebSecurity;
import org.springframework.security.config.annotation.web.configuration.EnableWebSecurity;
import org.springframework.security.config.annotation.web.configuration.WebSecurityConfigurerAdapter;
import org.springframework.security.crypto.bcrypt.BCryptPasswordEncoder;
import org.springframework.security.crypto.password.*;
import org.springframework.security.crypto.scrypt.SCryptPasswordEncoder;

import java.util.HashMap;
import java.util.Map;

/**
 * @author GuoChunbo
 * @create 2021-02-25 8:32
 * @Description: 类的描述
 */
@Configuration //配置类
@EnableWebSecurity //开启安全验证
@EnableGlobalMethodSecurity(prePostEnabled = true,securedEnabled = true) //开启注解权限验证
public class WebSecurityConfig extends WebSecurityConfigurerAdapter {



    @Override
    public void configure(WebSecurity web) {
        web.ignoring()
                .antMatchers("/css/**","/images/**","/calendar/**","/js/**")
        ;
    }

    @Override
    protected void configure(HttpSecurity http) throws Exception {
        http
                .authorizeRequests()
                .antMatchers("/css/**","/images/**","/calendar/**","/js/**").permitAll()
                .antMatchers("/","/login").permitAll() //对该请求不安全验证
                //对url单个权限控制
//                .and().authorizeRequests().antMatchers("/user/list").hasAuthority("/user/list")
//                .and().authorizeRequests().antMatchers("/user/toadd").hasAuthority("/user/toadd")
//                .and().authorizeRequests().antMatchers("/user/add").hasAuthority("/user/add")
//                .and().authorizeRequests().antMatchers("/user/get").hasAuthority("/user/get")
//                .and().authorizeRequests().antMatchers("/user/update").hasAuthority("/user/update")
                .and().authorizeRequests().anyRequest().authenticated() //任意请求安全验证 登录
                .and()
                    .formLogin()
                    .usernameParameter("userCode")
                    .passwordParameter("userPassword")
                    .successForwardUrl("/main") //登录成功
                    .loginPage("/login") //跳转登录页面的请求
                    .permitAll()
                .and()
                    .logout()
                    //                .logoutUrl("/logout")//退出的请求
                    .permitAll()//注销 退出
//        关闭csrf
                .and()
                    .csrf().disable();
    }


    //必须需要配置密码加缪
    @Bean //<bean id="" class="" />
    public PasswordEncoder passwordEncoder() {
        return new BCryptPasswordEncoder();
    }

    @Autowired
    MyUserDetailsService userDetailsService;

    @Override
    protected void configure(AuthenticationManagerBuilder auth) throws Exception {
        //配置userDetailsService 和 密码加密器
        auth.userDetailsService(userDetailsService).passwordEncoder(passwordEncoder());
    }

    public static void main(String[] args) {
        System.out.println(new BCryptPasswordEncoder().encode("test002"));;
    }

}
